예제 #1
0
int main()
{   
  int i,bytes,res;
  unsigned long ran;
  char m[RFS],ml[RFS],c[RFS],e[RFS],raw[100];
  rsa_public_key pub;
  rsa_private_key priv;
  csprng RNG;  
  octet M={0,sizeof(m),m};
  octet ML={0,sizeof(ml),ml};
  octet C={0,sizeof(c),c};
  octet E={0,sizeof(e),e};
  octet RAW={0,sizeof(raw),raw};

  time((time_t *)&ran);

  RAW.len=100;				/* fake random seed source */
  RAW.val[0]=ran;
  RAW.val[1]=ran>>8;
  RAW.val[2]=ran>>16;
  RAW.val[3]=ran>>24;
  for (i=4;i<100;i++) RAW.val[i]=i;

  CREATE_CSPRNG(&RNG,&RAW);   /* initialise strong RNG */

  printf("Generating public/private key pair\n");
  RSA_KEY_PAIR(&RNG,65537,&priv,&pub);

  printf("Encrypting test string\n");
  OCT_jstring(&M,(char *)"Hello World\n");
  OAEP_ENCODE(&M,&RNG,NULL,&E); /* OAEP encode message m to e  */

  RSA_ENCRYPT(&pub,&E,&C);     /* encrypt encoded message */
  printf("Ciphertext= "); OCT_output(&C); 

  printf("Decrypting test string\n");
  RSA_DECRYPT(&priv,&C,&ML);   /* ... and then decrypt it */

  OAEP_DECODE(NULL,&ML);    /* decode it */
  OCT_output_string(&ML);

  if (!OCT_comp(&M,&ML))
    {
      printf("FAILURE RSA Encryption failed");
      return 1;
    }
 
  OCT_clear(&M); OCT_clear(&ML);   /* clean up afterwards */
  OCT_clear(&C); OCT_clear(&RAW); OCT_clear(&E); 

  KILL_CSPRNG(&RNG);

  RSA_PRIVATE_KEY_KILL(&priv);

  printf("SUCCESS\n");
  return 0;
}
예제 #2
0
파일: test1363.c 프로젝트: mpiskarev/MIRACL
int main(int argc,char **argv)
{   
    int i,ip,mlen,precompute;
    BOOL compress,dhaes,result;
    octet h,s,p,f,g,c,d,u,v,w,m,m1,tag,tag1;
    octet s0,s1,w0,w1,u0,u1,v0,v1,k1,k2,z,vz;
    octet z1,z2,f1,f2,f3,k;
    octet p1,p2,L2,C;
    octet raw;
    unsigned long ran;
    dl_domain dom;
    ecp_domain epdom;
    ec2_domain e2dom;
    if_public_key pub;
    if_private_key priv;
    csprng RNG;                  /* Crypto Strong RNG */
 
    int res,bytes,bits;

    argc--; argv++;
    compress=FALSE;
    precompute=0;

    ip=0;
    while (ip<argc)
    {
        if (strcmp(argv[ip],"-c")==0)
        {
            compress=TRUE;
            ip++; 
            continue;
        }

        if (strcmp(argv[ip],"-p")==0)
        {
            precompute=8;
            ip++; 
            continue;
        }
 
        printf("Command line error\n");
        exit(0);
    }

    time((time_t *)&ran);
                               /* fake random seed source */
    OCTET_INIT(&raw,100);
    raw.len=100;
    raw.val[0]=ran;
    raw.val[1]=ran>>8;
    raw.val[2]=ran>>16;
    raw.val[3]=ran>>24;
    for (i=4;i<100;i++) raw.val[i]=i+1;

    CREATE_CSPRNG(&RNG,&raw);   /* initialise strong RNG */

    OCTET_KILL(&raw);

/*
    OCTET_INIT(&k,100);
    OCTET_JOIN_BYTE(0x0b,20,&k);
    OCTET_INIT(&m,100);
    OCTET_JOIN_STRING("Hi There",&m);
    OCTET_INIT(&d,100);

    if (!MAC1(&m,NULL,&k,20,SHA1,&d)) printf("failed\n");

    OCTET_OUTPUT(&k);
    OCTET_OUTPUT(&m);
    OCTET_OUTPUT(&d);

    OCTET_KILL(&k);
    OCTET_KILL(&m);
    OCTET_KILL(&d); 
*/

    bytes=DL_DOMAIN_INIT(&dom,"common.dss",NULL,precompute);

    res=DL_DOMAIN_VALIDATE(NULL,&dom);
    if (res!=0)
    {
        printf("Domain parameters are invalid\n");
        return 0;
    }
    OCTET_INIT(&s0,bytes);
    OCTET_INIT(&s1,bytes);
    OCTET_INIT(&w0,bytes);
    OCTET_INIT(&w1,bytes);

    DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&s0,&w0);
    DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&s1,&w1);

    OCTET_INIT(&z,bytes);
    OCTET_INIT(&z1,bytes);
    OCTET_INIT(&z2,bytes);
    DLSVDP_DH(NULL,&dom,&s0,&w1,&z);
    DLSVDP_DH(NULL,&dom,&s1,&w0,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("DLSVDP-DH - OK\n");
    else
    {
        printf("*** DLSVDP-DH Failed\n");
        return 0;
    }

    res=DLSVDP_DHC(NULL,&dom,&s1,&w0,TRUE,&z2);


    if (OCTET_COMPARE(&z,&z2))
        printf("DLSVDP-DHC Compatibility Mode - OK\n");
    else
    {
        printf("*** DLSVDP-DHC Compatibility Mode Failed\n");
        return 0;
    }

    DLSVDP_DHC(NULL,&dom,&s0,&w1,FALSE,&z);
    DLSVDP_DHC(NULL,&dom,&s1,&w0,FALSE,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("DLSVDP-DHC - OK\n");
    else
    {
        printf("*** DLSVDP-DHC Failed\n");
        return 0;
    }

    OCTET_INIT(&u0,bytes);
    OCTET_INIT(&u1,bytes);
    OCTET_INIT(&v0,bytes);
    OCTET_INIT(&v1,bytes);

    DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&u0,&v0);
    DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&u1,&v1);

    DLSVDP_MQV(NULL,&dom,&s0,&u0,&v0,&w1,&v1,&z);
    DLSVDP_MQV(NULL,&dom,&s1,&u1,&v1,&w0,&v0,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("DLSVDP-MQV - OK\n");
    else
    {
        printf("*** DLSVDP-MQV Failed\n");
        return 0;
    }

    DLSVDP_MQVC(NULL,&dom,&s0,&u0,&v0,&w1,&v1,TRUE,&z2);

    if (OCTET_COMPARE(&z,&z2))
        printf("DLSVDP-MQVC Compatibility Mode - OK\n");
    else
    {
        printf("*** DLSVDP-MQVC Compatibility Mode Failed\n");
        return 0;
    }

    DLSVDP_MQVC(NULL,&dom,&s0,&u0,&v0,&w1,&v1,FALSE,&z);
    DLSVDP_MQVC(NULL,&dom,&s0,&u0,&v0,&w1,&v1,FALSE,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("DLSVDP-MQVC - OK\n");
    else
    {
        printf("*** DLSVDP-MQVC Failed\n");
        return 0;
    }

    OCTET_INIT(&s,bytes);
    OCTET_INIT(&p,bytes);

    DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&s,&p);
    res=DL_PUBLIC_KEY_VALIDATE(NULL,&dom,TRUE,&p);
    if (res!=0)
    {
        printf("DL Public Key is invalid!\n");
        return 0;
    }

    OCTET_INIT(&f,bytes+1);
    OCTET_INIT(&c,bytes);
    OCTET_INIT(&d,bytes);
    OCTET_INIT(&f1,bytes);
    OCTET_INIT(&f2,bytes);

    f.len=16;                   /* fake a message */
    for (i=0;i<16;i++) f.val[i]=i+1;          
                                /* make sure its less than group order */
                                /* because we will use the same message */
                                /* to test signature with message recovery */
    OCTET_INIT(&k,16);
    k.len=16; for (i=0;i<16;i++) k.val[i]=1;    /* fake an AES key */

    res=AES_CBC_IV0_ENCRYPT(&k,&f,NULL,&f1,NULL);
    res=AES_CBC_IV0_DECRYPT(&k,&f1,NULL,&f2,NULL);

    if (OCTET_COMPARE(&f,&f2))
        printf("AES Encrypt/Decrypt OK\n");
    else
    {
        printf("*** AES Encrypt/Decrypt Failed\n");
        return 0;
    }

    OCTET_KILL(&k);

/* Test OAEP/EME1 encoding and decoding */

    OCTET_INIT(&f3,128);
    res=EME1_ENCODE(&f,&RNG,1023,NULL,SHA256,&f3);
    res=EME1_DECODE(&f3,1023,NULL,SHA256,&f2);
    if (OCTET_COMPARE(&f,&f2))
        printf("OAEP Encoding/Decoding - OK\n");
    else
    {
        printf("*** OAEP Encoding/Decoding Failed\n");
        return 0;
    }

    OCTET_KILL(&f2);
    OCTET_KILL(&f3);


    res=DLSP_DSA(NULL,&dom,&RNG,&s,&f,&c,&d); /* sign it   */
    res=DLVP_DSA(NULL,&dom,&p,&c,&d,&f);       /* verify it */
    if (res==0)
        printf("DL DSA Signature - OK\n");
    else
    {
        printf("*** DL DSA Signature Failed\n");
        return 0;
    }
    
    res=DLSP_NR(NULL,&dom,&RNG,&s,&f,&c,&d); /* sign it */
    res=DLVP_NR(NULL,&dom,&p,&c,&d,&f1);

    if (OCTET_COMPARE(&f,&f1))
        printf("DL  NR Signature - OK\n");
    else
    {
        printf("*** DL  NR Signature Failed\n");
        return 0;
    }
    
    OCTET_INIT(&u,bytes);
    OCTET_INIT(&v,bytes);

    res=DLPSP_NR2PV(NULL,&dom,&RNG,&u,&v);
    res=DLSP_NR2(NULL,&dom,&s,&u,&v,&f,&c,&d);
    res=DLVP_NR2(NULL,&dom,&p,&c,&d,&f1,&v1);

    if (OCTET_COMPARE(&f,&f1) && OCTET_COMPARE(&v,&v1))
        printf("DL NR2 Signature - OK\n");
    else
    {
        printf("*** DL NR2 Signature Failed\n");
        return 0;
    }

    res=DLPSP_NR2PV(NULL,&dom,&RNG,&u,&v);
    res=DLSP_PV(NULL,&dom,&s,&u,&f,&d);
    res=DLVP_PV(NULL,&dom,&p,&f,&d,&v1);

    if (OCTET_COMPARE(&v,&v1))
        printf("DL  PV Signature - OK\n");
    else
    {
        printf("*** DL  PV Signature Failed\n");
        return 0;
    }

    OCTET_KILL(&u);  OCTET_KILL(&v);
    OCTET_KILL(&s0); OCTET_KILL(&s1);
    OCTET_KILL(&w0); OCTET_KILL(&w1);
    OCTET_KILL(&z);  OCTET_KILL(&z1); OCTET_KILL(&z2);
    OCTET_KILL(&u0); OCTET_KILL(&u1);
    OCTET_KILL(&v0); OCTET_KILL(&v1);
    OCTET_KILL(&s);  OCTET_KILL(&p);
    OCTET_KILL(&f);  OCTET_KILL(&f1);
    OCTET_KILL(&c);  OCTET_KILL(&d);

    DL_DOMAIN_KILL(&dom);

/* Now test Elliptic Curves mod p */

    bytes=ECP_DOMAIN_INIT(&epdom,"common.ecs",NULL,precompute);
    res=ECP_DOMAIN_VALIDATE(NULL,&epdom);
    if (res!=0)
    {
        printf("Domain parameters are invalid %d\n",res);
        return 0;
    }
    OCTET_INIT(&s0,bytes);
    OCTET_INIT(&s1,bytes);
    OCTET_INIT(&w0,2*bytes+1);   
    OCTET_INIT(&w1,2*bytes+1); /* NOTE: these are EC points (x,y) */
                               /* hence the size of 2*bytes+1. However */
                               /* bytes+1 is OK if compression is used */

    ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&s0,compress,&w0);
    res=ECP_PUBLIC_KEY_VALIDATE(NULL,&epdom,TRUE,&w0);
    if (res!=0)
    {
        printf("ECP Public Key is invalid!\n");
        return 0;
    }

    ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&s1,compress,&w1);
    res=ECP_PUBLIC_KEY_VALIDATE(NULL,&epdom,TRUE,&w1);
    if (res!=0)
    {
        printf("ECP Public Key is invalid!\n");
        return 0;
    }

    OCTET_INIT(&z,bytes);
    OCTET_INIT(&z1,bytes);
    OCTET_INIT(&z2,bytes);

    ECPSVDP_DH(NULL,&epdom,&s0,&w1,&z);
    ECPSVDP_DH(NULL,&epdom,&s1,&w0,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("ECPSVDP-DH - OK\n");
    else
    {
        printf("*** ECPSVDP-DH Failed\n");
        return 0;
    }

    ECPSVDP_DHC(NULL,&epdom,&s1,&w0,TRUE,&z2);

    if (OCTET_COMPARE(&z,&z2))
        printf("ECPSVDP-DHC Compatibility Mode - OK\n");
    else
    {
        printf("*** ECPSVDP-DHC Compatibility Mode Failed\n");
        return 0;
    }

    ECPSVDP_DHC(NULL,&epdom,&s0,&w1,FALSE,&z);
    ECPSVDP_DHC(NULL,&epdom,&s1,&w0,FALSE,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("ECPSVDP-DHC - OK\n");
    else
    {
        printf("*** ECPSVDP-DHC Failed\n");
        return 0;
    }

    OCTET_INIT(&u0,bytes);
    OCTET_INIT(&u1,bytes);
    OCTET_INIT(&v0,2*bytes+1);
    OCTET_INIT(&v1,2*bytes+1);

    ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&u0,compress,&v0);
    ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&u1,compress,&v1);

    ECPSVDP_MQV(NULL,&epdom,&s0,&u0,&v0,&w1,&v1,&z);
    ECPSVDP_MQV(NULL,&epdom,&s1,&u1,&v1,&w0,&v0,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("ECPSVDP-MQV - OK\n");
    else
    {
        printf("*** ECPSVDP-MQV Failed\n");
        return 0;
    }

    ECPSVDP_MQVC(NULL,&epdom,&s0,&u0,&v0,&w1,&v1,TRUE,&z2);
       
    if (OCTET_COMPARE(&z,&z2))
        printf("ECPSVDP_MQVC Compatibility Mode - OK\n");
    else
    {
        printf("*** ECPSVDP_MQVC Compatibility Mode Failed\n");
        return 0;
    }

    ECPSVDP_MQVC(NULL,&epdom,&s0,&u0,&v0,&w1,&v1,FALSE,&z);
    ECPSVDP_MQVC(NULL,&epdom,&s1,&u1,&v1,&w0,&v0,FALSE,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("ECPSVDP-MQVC - OK\n");
    else
    {
        printf("*** ECPSVDP-MQVC Failed\n");
        return 0;
    }

    OCTET_INIT(&s,bytes);
    OCTET_INIT(&w,2*bytes+1);

    ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&s,compress,&w);
    res=ECP_PUBLIC_KEY_VALIDATE(NULL,&epdom,TRUE,&w);

    if (res!=0)
    {
        printf("ECP Public Key is invalid!\n");
        return 0;
    }

    OCTET_INIT(&f,bytes);
    OCTET_INIT(&f1,bytes);
    OCTET_INIT(&c,bytes);
    OCTET_INIT(&d,bytes);
 
    f.len=16;                   /* fake a message */
    for (i=0;i<16;i++) f.val[i]=i+1;          
                                /* make sure its less than group order */

    res=ECPSP_DSA(NULL,&epdom,&RNG,&s,&f,&c,&d);
    res=ECPVP_DSA(NULL,&epdom,&w,&c,&d,&f);

    if (res==0)
        printf("ECP DSA  Signature - OK\n");
    else
    {
        printf("*** ECP DSA Signature Failed\n");
        return 0;
    } 

    res=ECPSP_NR(NULL,&epdom,&RNG,&s,&f,&c,&d);
    res=ECPVP_NR(NULL,&epdom,&w,&c,&d,&f1);

    if (OCTET_COMPARE(&f,&f1))
        printf("ECP  NR  Signature - OK\n");
    else
    {
        printf("*** ECP  NR Signature Failed\n");
        return 0;
    } 

    OCTET_INIT(&u,bytes);
    OCTET_INIT(&v,bytes);

    res=ECPPSP_NR2PV(NULL,&epdom,&RNG,&u,&v);
    res=ECPSP_NR2(NULL,&epdom,&s,&u,&v,&f,&c,&d);
    res=ECPVP_NR2(NULL,&epdom,&w,&c,&d,&f1,&v1);

    if (OCTET_COMPARE(&f,&f1) && OCTET_COMPARE(&v,&v1))
        printf("ECP NR2  Signature - OK\n");
    else
    {
        printf("*** ECP  NR2  Signature Failed\n");
        return 0;
    }

    res=ECPPSP_NR2PV(NULL,&epdom,&RNG,&u,&v);
    res=ECPSP_PV(NULL,&epdom,&s,&u,&f,&d);
    res=ECPVP_PV(NULL,&epdom,&w,&f,&d,&v1);

    if (OCTET_COMPARE(&v,&v1))
        printf("ECP  PV  Signature - OK\n");
    else
    {
        printf("*** ECP  PV  Signature Failed\n");
        return 0;
    }

    OCTET_KILL(&u); OCTET_KILL(&v);
    OCTET_KILL(&s0); OCTET_KILL(&s1);
    OCTET_KILL(&w0); OCTET_KILL(&w1);
    OCTET_KILL(&z); 
    OCTET_KILL(&z1); OCTET_KILL(&z2);
    OCTET_KILL(&u0); OCTET_KILL(&u1);
    OCTET_KILL(&v0); OCTET_KILL(&v1);
    OCTET_KILL(&s); 
    OCTET_KILL(&w); 
    OCTET_KILL(&f); OCTET_KILL(&f1);
    OCTET_KILL(&c); OCTET_KILL(&d);

    ECP_DOMAIN_KILL(&epdom);

/* Now test Elliptic Curves mod 2^m */

    bytes=EC2_DOMAIN_INIT(&e2dom,"common2.ecs",NULL,precompute);
    res=EC2_DOMAIN_VALIDATE(NULL,&e2dom);
    if (res!=0)
    {
        printf("Domain parameters are invalid\n",res);
        return 0;
    }

    OCTET_INIT(&s0,bytes);
    OCTET_INIT(&s1,bytes);
    OCTET_INIT(&w0,2*bytes+1);
    OCTET_INIT(&w1,2*bytes+1);

    EC2_KEY_PAIR_GENERATE(NULL,&e2dom,&RNG,&s0,compress,&w0);
    EC2_KEY_PAIR_GENERATE(NULL,&e2dom,&RNG,&s1,compress,&w1);

    OCTET_INIT(&z,bytes);
    OCTET_INIT(&z1,bytes);
    OCTET_INIT(&z2,bytes);

    EC2SVDP_DH(NULL,&e2dom,&s0,&w1,&z);
    EC2SVDP_DH(NULL,&e2dom,&s1,&w0,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("EC2SVDP-DH - OK\n");
    else
    {
        printf("*** EC2SVDP-DH Failed\n");
        return 0;
    }

    EC2SVDP_DHC(NULL,&e2dom,&s1,&w0,TRUE,&z2);

    if (OCTET_COMPARE(&z,&z2))
        printf("EC2SVDP-DHC Compatibility Mode - OK\n");
    else
    {
        printf("*** EC2SVDP-DHC Compatibility Mode Failed\n");
        return 0;
    }

    EC2SVDP_DHC(NULL,&e2dom,&s0,&w1,FALSE,&z);
    EC2SVDP_DHC(NULL,&e2dom,&s1,&w0,FALSE,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("EC2SVDP-DHC - OK\n");
    else
    {
        printf("*** EC2SVDP-DHC Failed\n");
        return 0;
    }

    OCTET_INIT(&u0,bytes);
    OCTET_INIT(&u1,bytes);
    OCTET_INIT(&v0,2*bytes+1);
    OCTET_INIT(&v1,2*bytes+1);

    EC2_KEY_PAIR_GENERATE(NULL,&e2dom,&RNG,&u0,compress,&v0);
    EC2_KEY_PAIR_GENERATE(NULL,&e2dom,&RNG,&u1,compress,&v1);

    EC2SVDP_MQV(NULL,&e2dom,&s0,&u0,&v0,&w1,&v1,&z);
    EC2SVDP_MQV(NULL,&e2dom,&s1,&u1,&v1,&w0,&v0,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("EC2SVDP-MQV - OK\n");
    else
    {
        printf("*** EC2SVDP-MQV Failed\n");
        return 0;
    }

    EC2SVDP_MQVC(NULL,&e2dom,&s0,&u0,&v0,&w1,&v1,TRUE,&z2);
       
    if (OCTET_COMPARE(&z,&z2))
        printf("EC2SVDP_MQVC Compatibility Mode - OK\n");
    else
    {
        printf("*** EC2SVDP_MQVC Compatibility Mode Failed\n");
        return 0;
    }

    EC2SVDP_MQVC(NULL,&e2dom,&s0,&u0,&v0,&w1,&v1,FALSE,&z);
    EC2SVDP_MQVC(NULL,&e2dom,&s1,&u1,&v1,&w0,&v0,FALSE,&z1);

    if (OCTET_COMPARE(&z,&z1))
        printf("EC2SVDP-MQVC - OK\n");
    else
    {
        printf("*** EC2SVDP-MQVC Failed\n");
        return 0;
    }

    OCTET_INIT(&s,bytes);
    OCTET_INIT(&w,2*bytes+1);

    EC2_KEY_PAIR_GENERATE(NULL,&e2dom,&RNG,&s,compress,&w);
    res=EC2_PUBLIC_KEY_VALIDATE(NULL,&e2dom,TRUE,&w);

    if (res!=0)
    {
        printf("EC2 Public Key is invalid!\n");
        return 0;
    }

    OCTET_INIT(&f,bytes);
    OCTET_INIT(&f1,bytes);
    OCTET_INIT(&c,bytes);
    OCTET_INIT(&d,bytes);

    f.len=16;                   /* fake a message */
    for (i=0;i<16;i++) f.val[i]=i+1;          
                                /* make sure its less than group order */  

    res=EC2SP_DSA(NULL,&e2dom,&RNG,&s,&f,&c,&d);
    res=EC2VP_DSA(NULL,&e2dom,&w,&c,&d,&f);

    if (res==0)
        printf("EC2 DSA  Signature - OK\n");
    else
    {
        printf("*** EC2 DSA Signature Failed\n");
        return 0;
    } 

    res=EC2SP_NR(NULL,&e2dom,&RNG,&s,&f,&c,&d);
    res=EC2VP_NR(NULL,&e2dom,&w,&c,&d,&f1);

    if (OCTET_COMPARE(&f,&f1))
        printf("EC2  NR  Signature - OK\n");
    else
    {
        printf("*** EC2  NR Signature Failed\n");
        return 0;
    } 
    OCTET_INIT(&u,bytes);
    OCTET_INIT(&v,bytes);

    res=EC2PSP_NR2PV(NULL,&e2dom,&RNG,&u,&v);
    res=EC2SP_NR2(NULL,&e2dom,&s,&u,&v,&f,&c,&d);
    res=EC2VP_NR2(NULL,&e2dom,&w,&c,&d,&f1,&v1);

    if (OCTET_COMPARE(&f,&f1) && OCTET_COMPARE(&v,&v1))
        printf("EC2 NR2  Signature - OK\n");
    else
    {
        printf("*** EC2 NR2  Signature Failed\n");
        return 0;
    }

    res=EC2PSP_NR2PV(NULL,&e2dom,&RNG,&u,&v);
    res=EC2SP_PV(NULL,&e2dom,&s,&u,&f,&d);
    res=EC2VP_PV(NULL,&e2dom,&w,&f,&d,&v1);

    if (OCTET_COMPARE(&v,&v1))
        printf("EC2  PV  Signature - OK\n");
    else
    {
        printf("*** EC2  PV  Signature Failed\n");
        return 0;
    }

    OCTET_KILL(&u); OCTET_KILL(&v);
    OCTET_KILL(&s0); OCTET_KILL(&s1);
    OCTET_KILL(&w0); OCTET_KILL(&w1);
    OCTET_KILL(&z); 
    OCTET_KILL(&z1); OCTET_KILL(&z2);
    OCTET_KILL(&u0); OCTET_KILL(&u1);
    OCTET_KILL(&v0); OCTET_KILL(&v1);
    OCTET_KILL(&s); 
    OCTET_KILL(&w); 
    OCTET_KILL(&f); OCTET_KILL(&f1);
    OCTET_KILL(&c); OCTET_KILL(&d);

    EC2_DOMAIN_KILL(&e2dom);

    printf("Generating 1024-bit RSA Key Pair....\n");
    bytes=IF_KEY_PAIR(NULL,&RNG,1024,65537,&priv,&pub);

    OCTET_INIT(&f,bytes);
    OCTET_INIT(&f1,bytes);
    OCTET_INIT(&g,bytes);

    f.len=20;
    for (i=0;i<20;i++) f.val[i]=i+1;    /* fake a message */
    IFEP_RSA(NULL,&pub,&f,&g);
    IFDP_RSA(NULL,&priv,&g,&f1);

    if (OCTET_COMPARE(&f,&f1))
        printf("RSA Encryption - OK\n");
    else
    {
        printf("RSA Encryption Failed\n");
        return 0;
    } 

    OCTET_INIT(&s,bytes);
    OCTET_CLEAR(&f1);

    IFSP_RSA1(NULL,&priv,&f,&s);
    IFVP_RSA1(NULL,&pub,&s,&f1);

    if (OCTET_COMPARE(&f,&f1))
        printf("RSA1 Signature - OK\n");
    else
    {
        printf("RSA1 Signature Failed\n");
        return 0;
    } 

    f.len=20;
    for (i=0;i<20;i++) f.val[i]=i+1;    /* fake a message */
    f.val[19]=12;                       /* =12 mod 16     */
    OCTET_CLEAR(&f1);

    IFSP_RSA2(NULL,&priv,&f,&s);
    IFVP_RSA2(NULL,&pub,&s,&f1);

    if (OCTET_COMPARE(&f,&f1))
        printf("RSA2 Signature - OK\n");
    else
    {
        printf("RSA2 Signature Failed\n");
        return 0;
    } 

    IF_PUBLIC_KEY_KILL(&pub);
    IF_PRIVATE_KEY_KILL(&priv);

    printf("Generating 1024-bit RW Key Pair....\n");
    IF_KEY_PAIR(NULL,&RNG,1024,2,&priv,&pub);

    OCTET_CLEAR(&f1);
    IFSP_RW(NULL,&priv,&f,&s);
    IFVP_RW(NULL,&pub,&s,&f1);

    if (OCTET_COMPARE(&f,&f1))
        printf("RW Signature - OK\n");
    else
    {
        printf("RW Signature Failed\n");
        return 0;
    } 

    printf("\nP1363 IFSSA Signature\n");
    OCTET_CLEAR(&g);
    g.len=20;
    for (i=0;i<20;i++) g.val[i]=i+1;
    printf("Message is \n");
    OCTET_OUTPUT(&g);
    mlen=1023; 
    if (!EMSA4_ENCODE(TRUE,SHA256,10,&RNG,mlen,&g,NULL,&f))
    {
        printf("Failed to EMSA encode message\n");
        return 0;  
    }

    printf("Message Representative is\n");
    OCTET_OUTPUT(&f);
    IFSP_RW(NULL,&priv,&f,&s);
    printf("Signature is\n");
    OCTET_OUTPUT(&s);
    printf("Verification\n");
    IFVP_RW(NULL,&pub,&s,&f1);
    printf("Message Representative is\n");
    OCTET_OUTPUT(&f1);
    result=EMSA4_DECODE(TRUE,SHA256,10,mlen,&f1,&g,NULL);
    if (result && OCTET_COMPARE(&f,&f1))
        printf("IFSSA Signature - OK\n");
    else
    {
        printf("IFSSA Signature Failed\n");
        return 0;
    } 
    
    printf("\nP1363 IFSSR Signature with recovery\n");
    OCTET_CLEAR(&g);
    g.len=20;
    for (i=0;i<20;i++) g.val[i]=i+1;
    printf("Message is \n");
    OCTET_OUTPUT(&g);
    mlen=1023; 
    EMSR3_ENCODE(FALSE,SHA256,10,&RNG,mlen,&g,NULL,NULL,&f);
    printf("Message Representative is\n");
    OCTET_OUTPUT(&f);
    IFSP_RW(NULL,&priv,&f,&s);
    OCTET_CLEAR(&g);
    printf("Signature is\n");
    OCTET_OUTPUT(&s);
    printf("Verification\n");

    result=EMSR3_DECODE(FALSE,SHA256,10,1023,&f,NULL,NULL,&g);
    printf("Recovered message= \n");
    OCTET_OUTPUT(&g);
    if (result) 
        printf("IFSSR Signature with recovery - OK\n");
    else
    {
        printf("IFSSR Signature with recovery Failed\n");
        return 0;
    } 

    IF_PUBLIC_KEY_KILL(&pub);
    IF_PRIVATE_KEY_KILL(&priv);

    OCTET_KILL(&f); OCTET_KILL(&f1);
    OCTET_KILL(&g); OCTET_KILL(&s);

    printf("\nP1363 DLSSR Signature with message recovery\n");


    bytes=DL_DOMAIN_INIT(&dom,"common.dss",NULL,precompute);
    res=DL_DOMAIN_VALIDATE(NULL,&dom);
    if (res!=0)
    {
        printf("Domain parameters are invalid\n");
        return 0;
    }

    OCTET_INIT(&s,bytes);
    OCTET_INIT(&w,bytes);
    OCTET_INIT(&u,bytes);
    OCTET_INIT(&v,bytes);
    OCTET_INIT(&v1,bytes);
    OCTET_INIT(&c,bytes);
    OCTET_INIT(&d,bytes);
    OCTET_INIT(&f,bytes);
    OCTET_INIT(&f1,bytes);

    OCTET_INIT(&m1,8);

    DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&s,&w);

    res=DLPSP_NR2PV(NULL,&dom,&RNG,&u,&v);
    bits=dom.rbits-1;

    m1.len=8;
    for (i=0;i<8;i++) m1.val[i]=i+1;

    printf("recoverable message= ");
    OCTET_OUTPUT(&m1);
    
    result=EMSR1_ENCODE(FALSE,10,20,&m1,NULL,NULL,bits,SHA1,&v,&f);
    res=DLSP_NR2(NULL,&dom,&s,&u,&v,&f,&c,&d);
    OCTET_CLEAR(&m1);
    
    printf("Signature= \n");
    OCTET_OUTPUT(&c);
    OCTET_OUTPUT(&d);
    res=DLVP_NR2(NULL,&dom,&w,&c,&d,&f1,&v1);

    result=EMSR1_DECODE(FALSE,10,20,&f,NULL,NULL,bits,SHA1,&v1,8,&m1);
    printf("recovered message=   ");
    OCTET_OUTPUT(&m1);
    if (result)
        printf("DLSSR Signature with message recovery - OK\n");
    else
    {
        printf("*** DLSSR Signature with message recovery Failed\n");
        return 0;
    } 

    OCTET_KILL(&s);
    OCTET_KILL(&w);
    OCTET_KILL(&u);
    OCTET_KILL(&v);
    OCTET_KILL(&v1);
    OCTET_KILL(&c);
    OCTET_KILL(&d);
    OCTET_KILL(&f);
    OCTET_KILL(&f1);
    OCTET_KILL(&m1);

    DL_DOMAIN_KILL(&dom);

    printf("\nP1363 DLSSR-PV Signature with message recovery\n");


    bytes=DL_DOMAIN_INIT(&dom,"common.dss",NULL,precompute);
    res=DL_DOMAIN_VALIDATE(NULL,&dom);
    if (res!=0)
    {
        printf("Domain parameters are invalid\n");
        return 0;
    }

    OCTET_INIT(&s,bytes);
    OCTET_INIT(&w,bytes);
    OCTET_INIT(&u,bytes);
    OCTET_INIT(&v,bytes);
    OCTET_INIT(&m,bytes);
    OCTET_INIT(&c,bytes);
    OCTET_INIT(&h,bytes);
    OCTET_INIT(&d,bytes);

    DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&s,&w);
    res=DLPSP_NR2PV(NULL,&dom,&RNG,&u,&v);

    m.len=20;
    for (i=0;i<20;i++) m.val[i]=i+1;
    printf("recoverable message= ");
    OCTET_OUTPUT(&m);

    EMSR2_ENCODE(100,TRUE,SHA1,NULL,&m,&v,&c);
    HASH(SHA1,&c,&h);
    res=DLSP_PV(NULL,&dom,&s,&u,&h,&d);
    OCTET_CLEAR(&m);
    OCTET_CLEAR(&h);
    OCTET_CLEAR(&v);
    
    printf("Signature= \n");
    OCTET_OUTPUT(&c);
    OCTET_OUTPUT(&d);

    HASH(SHA1,&c,&h);
    res=DLVP_PV(NULL,&dom,&w,&h,&d,&v);
    result=EMSR2_DECODE(100,TRUE,SHA1,NULL,&c,&v,&m);
    printf("recovered message=   ");
    OCTET_OUTPUT(&m);
    if (result)
        printf("DLSSR-PV Signature with message recovery - OK\n");
    else
    {
        printf("*** DLSSR-PV Signature with message recovery Failed\n");
        return 0;
    } 

    OCTET_KILL(&s);
    OCTET_KILL(&w);
    OCTET_KILL(&u);
    OCTET_KILL(&v);
    OCTET_KILL(&m);
    OCTET_KILL(&c);
    OCTET_KILL(&h);
    OCTET_KILL(&d);
    DL_DOMAIN_KILL(&dom);

    printf("\nP1363 ECIES Encryption/Decryption - DHAES mode\n");

    dhaes=TRUE;   /* Use DHAES mode */


    bytes=ECP_DOMAIN_INIT(&epdom,"common.ecs",NULL,precompute);

    OCTET_INIT(&m,20); OCTET_INIT(&c,32); /* round up to block size */
    OCTET_INIT(&k,32); OCTET_INIT(&s,bytes);
    OCTET_INIT(&u,bytes); OCTET_INIT(&v,2*bytes+1);
    OCTET_INIT(&w,2*bytes+1);
    OCTET_INIT(&m1,20);
    OCTET_INIT(&k1,16); OCTET_INIT(&k2,16);
    OCTET_INIT(&tag,12); OCTET_INIT(&tag1,12);
    OCTET_INIT(&z,bytes);  OCTET_INIT(&vz,3*bytes+2);
    OCTET_INIT(&p1,30); OCTET_INIT(&p2,30);
    OCTET_INIT(&L2,8); OCTET_INIT(&C,300);

    OCTET_JOIN_STRING("Key Derivation Parameters",&p1);
    OCTET_JOIN_STRING("Encoding Parameters",&p2);

    ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&u,compress,&v);  /* one time key pair */
    ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&s,compress,&w);  /* recipients key pair */

    res=ECPSVDP_DH(NULL,&epdom,&u,&w,&z);     
    
    if (dhaes)
    {
        OCTET_COPY(&v,&vz);
        OCTET_JOIN_OCTET(&z,&vz);
    }
    else OCTET_COPY(&z,&vz);

    res=KDF2(&vz,&p1,32,SHA1,&k);
    printf("Key is \n");
    OCTET_OUTPUT(&k);

    k1.len=k2.len=16;
    for (i=0;i<16;i++) {k1.val[i]=k.val[i]; k2.val[i]=k.val[16+i];} 

    printf("Encryption\n");

    m.len=20;
    for (i=0;i<20;i++) m.val[i]=i+1;    /* fake a message */
    printf("Message is \n");
    OCTET_OUTPUT(&m);

    res=AES_CBC_IV0_ENCRYPT(&k1,&m,NULL,&c,NULL);

    printf("Ciphertext is \n");
    OCTET_OUTPUT(&c);

    if (dhaes) OCTET_JOIN_LONG((long)p2.len,8,&L2);

    OCTET_COPY(&c,&C);
    OCTET_JOIN_OCTET(&p2,&C);
    OCTET_JOIN_OCTET(&L2,&C);

    res=MAC1(&C,NULL,&k2,12,SHA256,&tag);

    printf("HMAC tag is \n");
    OCTET_OUTPUT(&tag);

/* Note that "two passes" are required, one to encrypt, one
   to calculate the MAC.  */

/* Overall ciphertext is (v,c,tag) */

    OCTET_CLEAR(&z); OCTET_CLEAR(&k); 
    OCTET_CLEAR(&k1); OCTET_CLEAR(&k2); 
    OCTET_CLEAR(&vz); OCTET_CLEAR(&C);
    OCTET_CLEAR(&L2);

    printf("Decryption\n");

    res=ECPSVDP_DH(NULL,&epdom,&s,&v,&z);  

    if (dhaes)
    {
        OCTET_COPY(&v,&vz);
        OCTET_JOIN_OCTET(&z,&vz);
    }

    else OCTET_COPY(&z,&vz);

    res=KDF2(&vz,&p1,32,SHA1,&k);
    k1.len=k2.len=16;
    for (i=0;i<16;i++) {k1.val[i]=k.val[i]; k2.val[i]=k.val[16+i];} 

    res=AES_CBC_IV0_DECRYPT(&k1,&c,NULL,&m1,NULL);

    printf("Message is \n");
    OCTET_OUTPUT(&m1);

    if (dhaes) OCTET_JOIN_LONG((long)p2.len,8,&L2);

    OCTET_COPY(&c,&C);
    OCTET_JOIN_OCTET(&p2,&C);
    OCTET_JOIN_OCTET(&L2,&C);

    res=MAC1(&C,NULL,&k2,12,SHA256,&tag1);

    printf("HMAC tag is \n");
    OCTET_OUTPUT(&tag1);

    if (OCTET_COMPARE(&m,&m1) && OCTET_COMPARE(&tag,&tag1))
        printf("ECIES Encryption/Decryption - OK\n");
    else
    {
        printf("ECIES Encryption/Decryption Failed\n");
        return 0;
    } 
       
    OCTET_KILL(&tag); OCTET_KILL(&tag1);
    OCTET_KILL(&k1); OCTET_KILL(&k2);
    OCTET_KILL(&m);  OCTET_KILL(&c);
    OCTET_KILL(&k); OCTET_KILL(&s);
    OCTET_KILL(&u); OCTET_KILL(&v); 
    OCTET_KILL(&m1); OCTET_KILL(&w);  
    OCTET_KILL(&p1); OCTET_KILL(&p2);
    OCTET_KILL(&L2); OCTET_KILL(&C);

    ECP_DOMAIN_KILL(&epdom);
    OCTET_KILL(&z); OCTET_KILL(&vz);

    KILL_CSPRNG(&RNG);
    return 0;
}
예제 #3
0
int main()
{   
  int i,j=0,res;
  int result;
  unsigned long ran;
  char *pp="M0ng00se";
  /* These octets are automatically protected against buffer overflow attacks */
  /* Note salt must be big enough to include an appended word */
  /* Note ECIES ciphertext C must be big enough to include at least 1 appended block */
  /* Recall EFS is field size in bytes. So EFS=32 for 256-bit curve */
  char s0[EGS],s1[EGS],w0[2*EFS+1],w1[2*EFS+1],z0[EFS],z1[EFS],raw[100],key[EAS],salt[32],pw[20],p1[30],p2[30],v[2*EFS+1],m[32],c[64],t[32],cs[EGS],ds[EGS];
  octet S0={0,sizeof(s0),s0};
  octet S1={0,sizeof(s1),s1};
  octet W0={0,sizeof(w0),w0};
  octet W1={0,sizeof(w1),w1};
  octet Z0={0,sizeof(z0),z0};
  octet Z1={0,sizeof(z1),z1};
  octet RAW={0,sizeof(raw),raw};
  octet KEY={0,sizeof(key),key};
  octet SALT={0,sizeof(salt),salt};
  octet PW={0,sizeof(pw),pw};
  octet P1={0,sizeof(p1),p1};
  octet P2={0,sizeof(p2),p2};
  octet V={0,sizeof(v),v};
  octet M={0,sizeof(m),m};
  octet C={0,sizeof(c),c};
  octet T={0,sizeof(t),t};
  octet CS={0,sizeof(cs),cs};
  octet DS={0,sizeof(ds),ds};

  /* Crypto Strong RNG */
  csprng RNG;                  				  
  time((time_t *)&ran);
  /* fake random seed source */
  RAW.len=100;		
  RAW.val[0]=ran;
  RAW.val[1]=ran>>8;
  RAW.val[2]=ran>>16;
  RAW.val[3]=ran>>24;
  for (i=0;i<100;i++) RAW.val[i]=i;
  /* initialise strong RNG */
  CREATE_CSPRNG(&RNG,&RAW);   

  SALT.len=8;
  for (i=0;i<8;i++) SALT.val[i]=i+1;  // set Salt

  printf("Alice's Passphrase= %s\n",pp);

  OCT_empty(&PW);
  OCT_jstring(&PW,pp);   // set Password from string

  /* private key S0 of size EGS bytes derived from Password and Salt */
  PBKDF2(&PW,&SALT,1000,EGS,&S0);
  printf("Alices private key= 0x"); OCT_output(&S0);

  /* Generate Key pair S/W */
  ECP_KEY_PAIR_GENERATE(NULL,&S0,&W0); 

  res=ECP_PUBLIC_KEY_VALIDATE(1,&W0);
  if (res!=0)
  {
    printf("ECP Public Key is invalid!\n");
    return 1;
  }

  printf("Alice's public key= 0x");  OCT_output(&W0);

  /* Random private key for other party */
  ECP_KEY_PAIR_GENERATE(&RNG,&S1,&W1);
  res=ECP_PUBLIC_KEY_VALIDATE(1,&W1);
  if (res!=0)
  {
    printf("ECP Public Key is invalid!\n");
    return 1;
  }
  printf("Servers private key= 0x");  OCT_output(&S1);
  printf("Servers public key= 0x");   OCT_output(&W1);

  /* Calculate common key using DH - IEEE 1363 method */
  ECPSVDP_DH(&S0,&W1,&Z0);
  ECPSVDP_DH(&S1,&W0,&Z1);
  
  if (!OCT_comp(&Z0,&Z1))
  {
    printf("*** ECPSVDP-DH Failed\n");
    return 0;
  }

  KDF2(&Z0,NULL,EAS,&KEY);

  printf("Alice's DH Key=  0x"); OCT_output(&KEY);
  printf("Servers DH Key=  0x"); OCT_output(&KEY);

  printf("Testing ECIES\n");

  P1.len=3; P1.val[0]=0x0; P1.val[1]=0x1; P1.val[2]=0x2; 
  P2.len=4; P2.val[0]=0x0; P2.val[1]=0x1; P2.val[2]=0x2; P2.val[3]=0x3; 

  M.len=17;
  for (i=0;i<=16;i++) M.val[i]=i; 

  ECP_ECIES_ENCRYPT(&P1,&P2,&RNG,&W1,&M,12,&V,&C,&T);

  printf("Ciphertext= \n"); 
  printf("V= 0x"); OCT_output(&V);
  printf("C= 0x"); OCT_output(&C);
  printf("T= 0x"); OCT_output(&T);

  if (!ECP_ECIES_DECRYPT(&P1,&P2,&V,&C,&T,&S1,&M))
  {
    printf("*** ECIES Decryption Failed\n");
    return 1;
  }
  else printf("Decryption succeeded\n");

  printf("Message is 0x"); OCT_output(&M);

  printf("Testing ECDSA\n");

  if (ECPSP_DSA(&RNG,&S0,&M,&CS,&DS)!=0)
  {
    printf("***ECDSA Signature Failed\n");
    return 1;
  }

  printf("Signature C = 0x"); OCT_output(&CS);
  printf("Signature D = 0x"); OCT_output(&DS);

  if (ECPVP_DSA(&W0,&M,&CS,&DS)!=0)
  {
    printf("***ECDSA Verification Failed\n");
    return 1;
  }
  else printf("ECDSA Signature/Verification succeeded %d\n",j);

  KILL_CSPRNG(&RNG);

  printf("SUCCESS\n");
  return 0;
}
예제 #4
0
int main(int argc,char **argv)
{   
    int i,res;
    BOOL result;
	char *pp="M0ng00se";
/* These octets are automatically protected against buffer overflow attacks */
/* Note salt must be big enough to include an appended word */
/* Note ECIES ciphertext C must be big enough to include at least 1 appended block */
/* Recall EFS is field size in bytes. So EFS=32 for 256-bit curve */
	char s0[EGS],s1[EGS],w0[2*EFS+1],w1[2*EFS+1],z0[EFS],z1[EFS],raw[100],key[EAS],salt[32],pw[20],b64[4+((8*EFS+4)/3)],p1[30],p2[30],v[2*EFS+1],m[32],c[64],t[32],cs[EGS],ds[EGS];
	octet S0={0,sizeof(s0),s0};
	octet S1={0,sizeof(s1),s1};
	octet W0={0,sizeof(w0),w0};
	octet W1={0,sizeof(w1),w1};
	octet Z0={0,sizeof(z0),z0};
	octet Z1={0,sizeof(z1),z1};
	octet RAW={0,sizeof(raw),raw};
	octet KEY={0,sizeof(key),key};
	octet SALT={0,sizeof(salt),salt};
	octet PW={0,sizeof(pw),pw};
	octet P1={0,sizeof(p1),p1};
	octet P2={0,sizeof(p2),p2};
	octet V={0,sizeof(v),v};
	octet M={0,sizeof(m),m};
	octet C={0,sizeof(c),c};
	octet T={0,sizeof(t),t};
	octet CS={0,sizeof(cs),cs};
	octet DS={0,sizeof(ds),ds};

    ecp_domain epdom;
    csprng RNG;                /* Crypto Strong RNG */
                              
    RAW.len=100;				/* fake random seed source */
    for (i=0;i<100;i++) RAW.val[i]=i+1;

    CREATE_CSPRNG(&RNG,&RAW);   /* initialise strong RNG */

    SALT.len=8;
    for (i=0;i<8;i++) SALT.val[i]=i+1;  // set Salt

	printf("Alice's Passphrase= %s\n",pp);

	OCTET_JOIN_STRING(pp,&PW);   // set Password from string

/* First set up Elliptic Curve from ROM data */

    ECP_DOMAIN_INIT(&epdom,ecrom);

/* private key S0 of size EGS bytes derived from Password and Salt */

	PBKDF2(&PW,&SALT,1000,EGS,&S0);
	OCTET_TO_BASE64(&S0,b64);
	printf("Alices private key= %s\n",b64);

/* Generate Key pair S/W */

    ECP_KEY_PAIR_GENERATE(&epdom,NULL,&S0,&W0); 
    res=ECP_PUBLIC_KEY_VALIDATE(&epdom,TRUE,&W0);
    if (res!=0)
    {
        printf("ECP Public Key is invalid!\n");
        return 0;
    }
	OCTET_TO_BASE64(&W0,b64);
	printf("Alice's public key= %s\n",b64); 
	OCTET_FROM_BASE64(b64,&W0);

/* Random private key for other party */

	S1.len=3; S1.val[0]=0x01; S1.val[1]=0x23; S1.val[2]=0x45; 

    ECP_KEY_PAIR_GENERATE(&epdom,NULL,&S1,&W1);
    res=ECP_PUBLIC_KEY_VALIDATE(&epdom,TRUE,&W1);
    if (res!=0)
    {
        printf("ECP Public Key is invalid!\n");
        return 0;
    }
	OCTET_TO_BASE64(&W1,b64);
	printf("Servers public key= %s\n",b64); 
	OCTET_FROM_BASE64(b64,&W1);

/* Calculate common key using DH - IEEE 1363 method */

    ECPSVDP_DH(&epdom,&S0,&W1,&Z0);
    ECPSVDP_DH(&epdom,&S1,&W0,&Z1);
    
	if (!OCTET_COMPARE(&Z0,&Z1))
    {
        printf("*** ECPSVDP-DH Failed\n");
        return 0;
    }

	KDF1(&Z0,EAS,&KEY);
	printf("Alice's DH Key=  "); for (i=0;i<EAS;i++) printf("%u ",KEY.val[i]&0xff);
	printf("\n");
	printf("Servers DH Key=  "); for (i=0;i<EAS;i++) printf("%u ",KEY.val[i]&0xff);
	printf("\n");


	printf("Testing ECIES\n");

	P1.len=3; P1.val[0]=0x0; P1.val[1]=0x1; P1.val[2]=0x2; 
	P2.len=4; P2.val[0]=0x0; P2.val[1]=0x1; P2.val[2]=0x2; P2.val[3]=0x3; 

    M.len=17;
    for (i=0;i<=16;i++) M.val[i]=i;    /* fake a message */

	ECP_ECIES_ENCRYPT(&epdom,&P1,&P2,&RNG,&W1,&M,12,&V,&C,&T);

	printf("Ciphertext= \n");
	OCTET_TO_BASE64(&V,b64);
	printf("V= %s\n",b64);
	OCTET_FROM_BASE64(b64,&V);
	OCTET_TO_BASE64(&C,b64);
	printf("C= %s\n",b64);
	OCTET_FROM_BASE64(b64,&C);
	OCTET_TO_BASE64(&T,b64);
	printf("V= %s\n",b64);
	OCTET_FROM_BASE64(b64,&T);

	if (!ECP_ECIES_DECRYPT(&epdom,&P1,&P2,&V,&C,&T,&S1,&M))
	{
		printf("*** ECIES Decryption Failed\n");
		return 0;
	}
	else printf("Decryption succeeded\n");

	printf("Message is "); OCTET_OUTPUT(&M);


	printf("Testing ECDSA\n");

	if (ECPSP_DSA(&epdom,&RNG,&S0,&M,&CS,&DS)!=0)
	{
		printf("***ECDSA Signature Failed\n");
		return 0;
	}
	OCTET_TO_BASE64(&CS,b64);
	printf("Signature C = %s\n",b64);
	OCTET_FROM_BASE64(b64,&CS);
	OCTET_TO_BASE64(&DS,b64);
	printf("Signature D = %s\n",b64);
	OCTET_FROM_BASE64(b64,&DS);

	if (ECPVP_DSA(&epdom,&W0,&M,&CS,&DS)!=0)
	{
		printf("***ECDSA Verification Failed\n");
		return 0;
	}
	else printf("ECDSA Signature/Verification succeeded\n");

    ECP_DOMAIN_KILL(&epdom);

    KILL_CSPRNG(&RNG);
    return 0;
}